Historically, organizations and businesses developed or acquired bespoke or off-the-shelf software solutions for execution using dedicated computer hardware. Such software solutions find broad application in many varied areas of business such as: financial management; sales and order handling; record storage and management; human resource record management; payroll; marketing and advertising; internet presence, etc. The acquisition, management and maintenance of such software and hardware can require costly investment in systems development, management and revision—functions that can extend beyond the core business concerns of an organization.
As organizations increasingly seek to decouple such systems management from their core business processes to control costs, breadth of concern and liabilities, service offerings are provided to take the place of in-house systems. Computer systems are increasingly provided by third parties as services in the same way as utilities, a shift that has been partly facilitated by improvements in the availability of high-speed network connections allowing consuming businesses to access and use networked third party systems. Such systems can include substantially all aspects of a business computer system including hardware, operating systems software, file systems and data storage software including database applications and the like, middleware and transaction handling software, and commercial software. In this way consuming businesses can be relieved of concerns relating to the exact nature, arrangement and management of computing systems and focus resources elsewhere. The computing system is abstracted from the consuming business and can be logically thought of as a ‘cloud’ in which all system concerns are encapsulated and at least partly managed by a third party. Thus, such arrangements are known as ‘cloud computing’.
Service providers can provide computing infrastructure on a service basis using hardware shared by multiple systems employing virtualization software. Such services can be described as virtualized computing environments in which applications can be deployed to execute within virtual machines executing in the virtualized environment. Computing environments are increasingly virtualized such that computing systems, operating systems and associated resources including hardware, networking, software and associated services are provided in a virtual manner. For example, systems can be deployed including operating systems, storage devices, virtual devices and drivers, applications and the like for execution in virtualized computing environments. A virtualized computing environment provides for the deployment of one or more virtual computer systems, known as virtual machines (VMs). A VM is a software or part-software implementation of a computer system capable of executing software and applications like a physical (or theoretical) machine. VMs execute in virtualized computing environments in which an underlying arrangement of physical computer system hardware and resources are abstracted by a virtualization service such as a hypervisor, emulator, operating system level virtualization component or a partitioned virtualized computing system.
A VM is deployed on the basis of a VM specification which defines the characteristics of a computing environment required for the deployment of the VM. For example a VM specification can define data storage, processor and network facilities required. Additionally, at least on first deployment of a VM, a VM specification can include a specification of the type, configuration and arrangement of software and services including operating systems, middleware, server software, data storage facilities such as databases etc. For example, VMs can be deployed based on specifications to cloud computing environments such as the BT Cloud Compute environment.
Once deployed it can be necessary to transfer or migrate a VM within or between virtualized computing environments. Such migration can be occasioned by a need for different or greater/fewer resources or a change of virtualized computing environment provider. For example, migration can occur within a single virtualized computing environment between partitions, nodes or clusters of the environment, or by simply re-deploying a VM within the same virtualized computing environment. Alternatively, migration can occur between virtualized computing environments such as between service providers of different computing environments or between different physical hardware environments within which virtualized computing environments (which may be different or identical to a source environment) exist.
Migration can be achieved by generating an image of a VM as one or more files, streams or other representations of a memory comprising the contents of all or a subset of memory and/or data stores associated with the VM in execution. For example, an image of a VM can be a disk image of one or more data storage devices installed and configured to constitute the VM in a particular virtualized environment. The image can further include runtime state of a VM, such as a copy, recall or dump of memory at all or a part of an address space of the VM in execution. The image can additionally include virtual processor information such as processor register states/values and the like. In this way a VM can be captured for transfer or migration such that the image can be copied, shared or otherwise transferred to a virtual computing environment in which the VM is to be deployed, further deployed or redeployed. Thus such images can capture the contents of storage devices for a VM or can extend to some or all of a state of the VM in execution.
A challenge when migrating VMs is to avoid the transfer or propagation of malicious software or malware including, inter alia: viruses; worms; viruses; Trojan horses; rootkits; grayware; unsolicited software; privacy-invasive software; spyware; adware; fraudulent dialers; and even joke programs. Where malware is installed in a VM then transfer or migration of the VM can include transfer of the malware. Where a VM is migrated to a new virtualized computing environment then the new environment can be susceptible to the detrimental effects of the malware.
Accordingly it would be beneficial to provide for the transfer or migration of a VM without the aforementioned disadvantages.